Other Requirements

  • Artikel

Betrifft: Internet Security and Acceleration Server (ISA), Operations Manager 2007, Operations Manager 2007 R2

Please note the following additional requirements:

  • For the ISA Server 2006 Management Pack to function properly, each ISA Server computer must be managed by System Center Operations Manager 2007.

  • Operations Manager must be configured to allow manual agent installations (approvals can be manual or automatic). Push installs require remote procedure call (RPC) and Server Message Block (SMB), which are blocked by default on ISA Server computers.

  • Operations Manager agents are to be installed manually on the ISA Server computers (and approved in the Operations Console if not configured for automatic approval).

  • ISA Server computers to be monitored must meet one of the following requirements:

    • ISA Server computers must be in the same domain as the Operations Manager server or in a domain with Kerberos trust to the Management Server’s domain.

    • If the preceding requirement is not met, digital certificates must be installed on the ISA Server computers and Operations Manager servers and configured using the MomCertImport.exe tool.

  • An access rule must be configured in ISA Server to allow the ISA Server computer to communicate with the Management Servers. This will be from the Local Host network to the network, computer, or computer set representing the Management Servers on TCP port 5723. The access rule is per-array for ISA Server 2006 Enterprise Edition and per-server for ISA Server 2006 Standard Edition.

    note
    The Microsoft Operations Manager system policy defined in ISA Server works only with Microsoft Operations Manager 2005, so there is no need to activate this.

  • The ISA Server Management component (a Microsoft Management Console) should be installed on the local computer of the Operations Manager operator. If it isn’t, the task to start the console will fail.

  • If the ISA Server Management console is installed on the operator’s computer, the operator should be added to one of the following ISA Server roles:

    • ISA Server Administrator (Array or Enterprise Administrator in Enterprise Edition): allowed full access to ISA Server monitoring and configuration.

    • ISA Server Auditor (Array or Enterprise Auditor in Enterprise Edition): allowed full access to ISA Server monitoring, able to view ISA Server configuration, and able to configure logging and alerting.

    • ISA Server Monitoring Auditor (Array Auditor in Enterprise Edition): allowed full access to ISA Server monitoring only.

  • If the ISA Server Management console is installed on the operator’s computer, the operator’s computer should be added to Remote Management Computers or Enterprise Remote Management Computers ISA Server computer sets. This permits the console on the computer to connect to the ISA Server RPC interface.

  • The ADAM Sites tool (AdamSites.exe) (https://go.microsoft.com/fwlink/?LinkId=120481) should be installed in the %ProgramFiles%\Microsoft ISA Server folder of the ISA Server computer hosting the Configuration Storage Server (CSS) role (refer to Objects the Management Pack Discovers for more information) for the respective tasks to function.

  • The following tools should be installed in the %ProgramFiles%\Microsoft ISA Server folder of the ISA Server computer hosting the Firewall role for the respective tasks to function: